Re: Vulnerability Assessment

["Tomas L. Byrnes" <tomb () byrneit net>]

You can use Nessus with the AlienVault (openVAS) feed.

Or you can get a 15 day "demo" of the Tenable Professional feed, if this
is just a once-off scan.

If you're going to make a business out of this, the $1295/yr for Tenable
should be trivial compared to the revenues you could make while trying
to save $.


> -----Original Message-----
> From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-
> bounces () lists grok org uk] On Behalf Of mamo
> Sent: Sunday, May 24, 2009 4:35 AM
> To: full-disclosure () lists grok org uk
> Subject: [Full-disclosure] Vulnerability Assessment
>
> Hi all,
>
> I have not done VA for a couple of years and now need again to do this
> for a medium size company. Nessus became commercial (also if it is
> possible to use it for limited activity). Some other free/OS software
> went commercial. I am not going to do full pen-test, just want to
> check for patching and high level vulnerability.
>
> What is your experience with OpenVAS? Looking at the site is has a
> limited number of Vulnerability Check compared to nesssus.
>
> What software can I use for VA (the network is windoze in large parte
> with some services implemented on Linux)? My choice are Free or very
> cheap software.
>
> Thank you.
> Mamo
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/